from the oh,-you-mean-THESE-backup-tapes? dept

Whether or not the IRS is subjecting certain politically-affiliated groups to an unfair amount of attention remains to be seen. What is indisputable is that the agency's document retention policies are an unenforced joke. As citizens, we're required to hold onto pertinent financial records for 2-7 years just in case the IRS wants to look through them. The IRS, however, seemingly only retains records for as long as it can keep itself from inadvertently destroying them.

Emails from IRS official Lois Lerner have been sought for several months. At first, the IRS said it had them. Then it said it couldn't find them. Then it said Lerner's computer suffered a hard drive crash, taking with it a bunch of the emails being sought. Then it said more computers had crashed, taking out even more emails. Then it said it had recycled the crashed hard drives, making any data unrecoverable.

Questions were asked, most of them being "Bro, do you even back up files to a server?" Apparently, the IRS did no such thing, or was unaware of it, or didn't understand the question… and so on. The IRS admitted it told officials to print out and save emails (per internal guidance) but apparently no one took these rules very seriously, as there was no hard copy to be found either. A Justice Department official noted that there were backups, but that it was too hard to recover stuff from them, before dozing off in mid-sentence.

Up to 30,000 missing emails sent by former Internal Revenue Service official Lois Lerner have been recovered by the IRS inspector general, five months after they were deemed lost forever.

The U.S. Treasury Inspector General for Tax Administration (TIGTA) informed congressional staffers from several committees on Friday that the emails were found among hundreds of “disaster recovery tapes” that were used to back up the IRS email system.

The prodigal Lerner emails have returned! And there was much rejoicing, especially in Darrell Issa's camp, which has been applying much of the pressure over the past several months.

It will still be some time before these emails are turned over, however. The investigators looked through 744 disaster recovery tapes, holding an estimated 250 million emails and says it will be a few weeks before the recovered emails are in a readable format. If this goes at the usual speed of government, it will be next year before the emails even make their way into the hands of the investigating committee, and longer than that before the public can take a look for itself.

The good news is that despite the IRS's internal failures, the system still mostly worked. A backup backed up files and (after much hassling) an internal investigation recovered most of what had been declared officially missing. It's almost enough to restore your faith in the IRS (and the government as a whole), except for almost everything else about the IRS (and the government as a whole).

from the facepalm dept

I try not to go for conspiracy theories generally, but this ongoing IRS nonsense involving conveniently disappearing emails potentially pertaining to the scandal involving targeting certain groups is making my skeptics beacon go off. The official story essentially involves a computer (server?) crash that obliterated the email data of several email accounts that would otherwise be of great interest to those trying to figure out who in the Obama administration knew what about how the IRS was operating. That crash somehow also involves the destruction of any local backups these IRS folks are required to keep as part of their job.

But what I imagine pretty much everyone that has even a modicum of interest in office technology is asking is what about the kind of backups that are typically run for disaster recovery and offsite purposes. You know, like tape drives (blech), D2D backups, or remote storage. It's difficult to believe that all copies of the data for those email accounts had somehow been disappeared by accident. Or, really, disappeared entirely at all.

“A Department of Justice attorney told a Judicial Watch attorney on Friday that it turns out the federal government backs up all computer records in case something terrible happens in Washington and there’s a catastrophe, so the government can continue operating,” Judicial Watch president Tom Fitton told Fox News’s Shannon Bream. “But it would be too hard to go get Lois Lerner’s e-mails from that backup system."

Now, I know, Fox News and blah blah blah, but this is a claim worth paying attention to mostly because it only makes sense to begin with. Well, the part about there being backups, I mean. The suggestion that such backups are so difficult to parse and recover that the administration isn't going to get them for review makes zero sense because that's what damned backups are for.

Think about the logic here for a moment. The reason the federal government has backups of data in place is because there's a great deal of horrible crap that could happen to their facilities. Natural disasters, terrorist attacks, hallmark-level incompetence, Area 51 aliens going Rambo on the computers. These are the things they have to prepare for and they need the ability to restore data from a remote location should one of their facilities fall to our alien overlords. To say that restoring that data is too hard to do when requested is to say that they're ill-prepared for a disaster. The suggestion that the government can't retrieve emails for court or congressional review is to say that they wouldn't even meet FINRA compliance, something that itsy-bitsy little trading firms are required to meet.

Fitton said his group plans to ask a federal judge to order the IRS to hand over the e-mails, which conservative opponents of Lerner want to see in order to determine if there is a link between President Obama’s team and the IRS’s targeting of tea-party groups.

“If this backup system is working, Lois Lerner’s e-mails are there,” Fitton said.

And if the backup system isn't working, then fire everyone everywhere because this kind of thing is no joke. I'd say it'd be a bigger scandal to have any portion of the federal government not have basic backup and DR systems in place than to find out that any portion of the Executive administration was encouraging the IRS to target certain special interest groups.

from the hilarious-except-for-the-tax-dollars-funding-the-debacle dept

The IRS is currently being investigated by Congress for some possibly politically-motivated "attention" it directed towards "Tea Party" and other conservative groups that operated as tax-exempt entities. Along the way, IRS official Lois Lerner, who was the first to publicly disclose the inappropriate targeting, was also one of the first government officials to plead the Fifth (twice) in government hearings.

The IRS has told Congress that it lost more than two years’ worth of emails involving former IRS official Lois Lerner, due to a computer crash.

House Ways and Means Committee Chairman Dave Camp (R-Mich.) on Friday said it was “unacceptable” that he was just learning of this problem now, after a lengthy investigation into Lerner’s involvement in the IRS targeting scandal.

Camp points out that the IRS withheld these emails for over a year before suddenly "discovering" they were unavailable. The IRS says it can find everything Lerner sent to and received from other IRS employees but nothing containing correspondence with those outside the agency.

Obviously, this convenient "computer crash" has generated a lot of skepticism. For one thing, a "computer crash" doesn't really have the power to destroy electronic communications. Email is always almost stored somewhere else other than the local user's computer. And even if the IRS meant a "server crash" instead of a "computer crash," any decent server system contains multiple levels of redundancy.

I believe the government uses Microsoft Exchange for their email servers. They have built-in exchange mail database redundancy. So, unless they did not follow Microsoft's recommendations they are telling a falsehood.

The IRS's own policies on email state that its employees use both Microsoft Outlook and Exchange, which means it should have some form of backup available.

Secure Messaging enrollment is an automated process for all LAN accounts with an Exchange mailbox in IRS. You can find the instructions for configuring the Outlook client to use the certificates at the Secure Enterprise Messaging Systems (SEMS) web site: http://documentation.sems.enterprise.irs.gov/.

According to Cillo, the only other explanation for the IRS's inability to recover these emails is that the agency is "totally mismanaged and has the worst IT department ever." Unfortunately, the government seems to have a lot of mismanaged and terrible IT departments, so this may be closer to the truth than anyone would really like to admit. Perhaps the general ineptitude of large government agencies is behind the Treasury Department's policy that all email sent to or from IRS employees be "archived" via hard copy printouts.

If you create or receive email messages during the course of your daily work, you are responsible for ensuring that you manage them properly. The Treasury Department’s current email policy requires emails and attachments that meet the definition of a federal record be added to the organization’s files by printing them (including the essential transmission data) and filing them with related paper records. If transmission and receipt data are not printed by the email system, annotate the paper copy.

Critics believe the IRS has simply "vanished" the crucial emails in order to cut Lerner adrift and make it appear she acted alone. Any evidence that would tie outside government agencies (including the administration itself) into this situation has been deemed unrecoverable. Supposedly, there should be paper copies of the missing emails, but no one in Congress has requested these and the IRS certainly isn't offering to look.

But one Congressman thinks he has a solution to the missing email dilemma. Steve Stockman (last seen here threatening to bring a defamation lawsuit against someone who uttered true facts about his criminal past) knows some people who have a whole lot of email data just laying around.

“I have asked NSA Director Rogers to send me all metadata his agency has collected on Lois Lerner’s email accounts for the period which the House sought records,” said Stockman. “The metadata will establish who Lerner contacted and when, which helps investigators determine the extent of illegal activity by the IRS.”

Yeah, let me know how that works out for you, Steve. The NSA can't even confirm or deny its monthly water usage at its Utah data site, much less that it has metadata pertaining to Americans' communications.

[Sidebar: I do really love the fact that this sort of thing is becoming increasingly common -- the use of the NSA as the backup-of-last-resort for phone/email/internet communications data. If anyone claims it can't find email X or phone record Y, someone's going to say, "Hey, I'll bet the NSA has a copy!" Hilarious. The NSA will never again be allowed to pretend it doesn't harvest data on American citizens.]

The whole letter, which begins with some light ass-kissing of new NSA director Michael Rogers ("thank you for your 33 years of, and continued service to, our country...") and closes with a bit of grandstanding, surreally asking "the Agency" to send all relevant metadata on the missing Lerner emails to "Donny@mail.house.gov." All in all, probably one of the most incongruous demands the NSA has ever received, a letter which conjures up the image of a late-night meeting in an underground parking garage, with sunglassed NSA liaisons handing over a briefcase full of metadata to a 19-year-old intern dressed in his dad's suit.

It's pretty hard to shake the impression that this is a coverup. As always, the specter of pure ineptitude lurks in the background, as it often does when large bureaucracies tangle with technology. But until the IRS presents further evidence detailing how exactly these emails went missing, it's safe to assume there's been an active effort made to cover up government impropriety.

from the did-it-break-the-rules? dept

Here's a random story, found via Kottke, highlighting how Pixar came very close to losing a very large portion of Toy Story 2, because someone did an rm * (non geek: "remove all" command). And that's when they realized that their backups hadn't been working for a month. Then, the technical director of the film noted that, because she wanted to see her family and kids, she had been making copies of the entire film and transferring it to her home computer. After a careful trip from the Pixar offices to her home and back, they discovered that, indeed, most of the film was saved:

Now, mostly, this is just an amusing little anecdote, but two things struck me:

How in the world do they not have more "official" backups of something as major as Toy Story 2. In the clip they admit that it was potentially 20 to 30 man-years of work that may have been lost. It makes no sense to me that this would include a single backup system.

I wonder if the copy, made by technical director Galyn Susman, was outside of corporate policy. You would have to imagine that at a place like Pixar, there were significant concerns about things "getting out," and so the policy likely wouldn't have looked all that kindly on copies being used on home computers.

The Mythbusters folks wonder if this story was a little over-dramatized, and others have wondered how the technical director would have "multiple terabytes of source material" on her home computer back in 1999. That resulted in an explanation from someone who was there that what was deleted was actually the database containing the master copies of the characters, sets, animation, etc. rather than the movie itself. Of course, once again, that makes you wonder how it is that no one else had a simple backup. You'd think such a thing would be backed up in dozens of places around the globe for safe keeping...

from the not-a-good-sign dept

The latest joke of a lawsuit from Hollywood, over Real Networks' RealDVD software, began today. The movie studios were actually able to get the judge to close the courtroom and kick out the press, despite not following the normal procedures to request such a move. If you haven't followed the case at all, basically Hollywood is suing RealNetworks for making software that allows you to back up your own DVDs, though it places significant limitations on them. What's really odd about this is that there are tons of free DVD rippers out there that put no restrictions whatsoever. In Real's case, it puts significant limitations on the backup copies -- and courts have shown in the past that making a backup of a digital good is accepted as fair use. Taking Real's product off the market makes almost no sense at all.

However, it seems like Hollywood's argument is based on the claim that Real somehow is using "hacker" technology in its product that violates the DMCA. It's not clear why using hacker technology should make the situation any different than having built your own. The MPAA is also claiming that there is no fair use defense to backing up a DVD, which is difficult to believe, given that fair use covers backups of music and software. What makes a movie so different? Well, the MPAA, of course, will claim (as it did in a previous case, against 321 Studios) that the encryption makes it illegal.

And that's where the problems come in. Thanks to the anti-circumvention clause of the DMCA, an action that is clearly fair use (backing up a movie) becomes illegal not because of the backup, but because of the circumvention of the DRM. That should go against all common sense: if the action itself is legal fair use, why should it matter how it's done (or who made the software)? Unfortunately, we don't often see common sense win out in these cases... and the early reports from the court room suggest that the judge is siding with the MPAA. Perhaps this isn't a surprise. Marilyn Hall Patel is the same judge who declared Napster illegal as well, despite a strong safe harbor defense. In this case, she told RealNetworks:

"They have the copyright. That's the issue here right? They have the copyright.
They have the right to exclude."

That's actually a somewhat scary quote from the judge who should know better. Copyright does give them a right to exclude, but a limited right, which is supposed to be weighed against the rights of consumers, including their rights to fair use for things like (drum roll....) making a backup.